Field of the Invention
The present invention relates to an authenticating system, an information processing device, an authenticating method and a non-transitory computer readable recording medium. The present invention more specifically relates to a technique of authenticating a user who uses the information processing device.
Description of the Background Art
In the conventional environment where multiple management devices share contents, the devices send and receive the contents. In such a case, the contents are sent and received with a temporal ID not the one used in the device. With the temporal ID, the ID used in the device is kept being confidential. This known technique is introduced for example in Japanese Patent Application Laid-Open No. JP 2012-84085 A.
Some information processing devices called as MFPs (Multi-Function Peripherals) installed in an office environment, for instance, authenticate users who use the information processing devices in the light of security. Especially in many office environments, more than one information processing device are connected to a network. The users who use the respective information processing devices are managed in an integrated manner. An authentication server, therefore, is installed in a network environment, and the conventional user authentication of the users who use the respective information processing devices is generally performed on the authentication server.
With the popularization of recent cloud computing, it is considered to install the authentication server conventionally installed in the on-premise environment on the public cloud such as an internet. More specifically, if the authentication server is installed on the cloud, user authentication of all users who use each information processing device installed at each business office may be performed on the authentication server on the cloud. As a result, initial installation costs may be reduced compared to that for installation of the authentication server in every business office.
Conventional user authentication of the user who uses the information processing device is performed based on a user ID and a password input by the user through an operational panel. It, however, is bothersome for the user to input the user ID and the password through the operational panel by manual. In recent years, some user authentications are performed by reading card information from an IC card carried by the user, or by reading biological information such as fingerprint pattern or vein pattern showing personal feature of the user. These types of authenticating methods do not require the users to input information such as character strings by operating the operational panel by manual, resulting in good operability.
For the user authentication on the authentication server on the cloud, basic information that should be cross-checked at the user authentication needs to be registered in advance with the authentication server. More specifically, the basic information may be the user ID, the password, the card information and/or the biological information relating to the registered user. If, however, such information is stored on the authentication server installed on the cloud, security problem like leakage of information occurs.
The password consists of character strings may be changed by the user at any time. Even if the password is leaked out from the authentication server on the cloud, the user changes the password to the new one so that unauthorized use of the password may be prevented. The card information recorded on the IC card and the biological information showing the personal feature of the user cannot be changed easily. Especially the biological information is something that can never be changed. Therefore, once the card information or the biological information is leaked out from the authentication server installed on the cloud, prevention of unauthorized use of the leaked card information or biological information is not easy.